Abstract image of a woman sitting on books and studying on a laptop

Introduction To ICT Security Audit OWASP Day Malaysia 2011

Linuxmalaysia Malaysia, profile picture
Linuxmalaysia Malaysia

This document outlines an agenda for an IT audit and assessment event. It discusses identifying risks like outdated patches, weak passwords, open ports, and phishing. It provides resources for monitoring vulnerabilities and cracking passwords. Labs are suggested to practice tasks like patching, password cracking, port scanning, and network monitoring. The objective is to harden systems against common threats by finding vulnerabilities and ensuring regular security reviews are performed. Participants are encouraged to get involved to improve the security of their organization.

1 of 24
Downloaded 34 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
Introduction IT Audit & Assessment 20 Sept 2011 OWASP Day Malaysia 2011 https://www.owasp.org/index.php/OWASP_Day_KL_2011
Agenda ● Objective of The Day ● Identified The Risks ● Who should be involved ● Where To Starts ● What To Audit ● When To Audit ● How To Do It
Objective • Harden Our Servers • In Depth Defense • Find the loophole • Find the zero day
Risk Only one risk – Human To Err Is Human
Its our job to find it. :-)
Risks ● Not a latest Patches ● Forget my password ● Allow all, Deny None ● Install everything ● Share anything ● Phishing ● No backup
Not The Latest Patches ● Be alert – http://www.mycert.org.my/en/ – http://www.securityfocus.com/ – http://packetstormsecurity.org/ – http://gcert.mampu.gov.my/ – http://www.cert.org/certcc.html Internet Storm Center – http://isc.sans.edu/ Patches Priority One – http://www.sans.org/top-cyber-security-risks/
Lab One ● Subscribe websites to Google Reader ● http://www.kb.cert.org/vuls/
Forget My Password ● We will use easy password ● Password must = Senang nak ingat, susah nak teka. ● Don't leak the hash ● Generate MD5 hash – http://md5crack.com/crackmd5.php ● Crack MD5 – http://isc.sans.edu/tools/reversehash.html
Lab Two ● Crack this – password – abc123 – haris – Your own name – Birthday date in numbers – Birthday date in any format
Allow All Deny None ● Any ports outbound open ● Not proxy between LAN and Internet ● Used by BOT to attack and comm with BOSS
Lab Three ● Telnet – Telnet in CMD and Shell – Port 80 GET /index.htm HTTP/1.1 and enter twice – Port 25 helo and quit ● Visit this website – http://www.yougetsignal.com/tools/open-ports/ – http://canyouseeme.org/
Install Everything ● To many patches ● To many services ● Only select what you want
Share Everything ● Windows Share permission “every body” – Don't trust your network ● Putting files in web servers – Google BOT nyum-nyum
Lab Four ● Google own name in PDF files – harisfazillah filetype:pdf ● You own IC numbers (with and without -) – Do this on your own
Phishing ● The most used tactic to gain password – Email – Phone
Lab Five ● Track your organisation here – http://www.phishtank.com/ ● You will never know, you are the target. ● Defacement Archive – http://www.zone-h.org/archive
Break Jom Minum
Who ? - The Management - ICT - Me Everybody need to be involved
Lab Six ● CIS Security – The Benchmark – http://www.cisecurity.org/
Where To Start ● Any servers that have IP address – Public or Internal – Heavy traffic websites and Email ● LAN – Review firewall and proxy log – SMTP activities – IRC bot activities – HTTP and HTTPS requests – Minitor network traffic
Lab Seven ● Get the bootable CD ● tcpdump ● wireshark ● Any network analysis tools
When To Do It ● A must every 6 months ● Any security warning
Contact linuxmalaysia@gmail.com http://green-osstools.blogspot.com/

More Related Content

PDF
What Goes In Must Come Out: Egress-Assess and Data Exfiltration
CTruncer
 
PPTX
Hacking - Breaking Into It
CTruncer
 
PPTX
TSC Summit #4 - Howto get browser persitence and remote execution (JS)
Mikal Villa
 
PDF
MonkeySpider at Sicherheit 2008
Ali Ikinci
 
PDF
Puppet Camp Boston 2014: Securely Managing Secrets with FreeIPA and Puppet (I...
Puppet
 
PDF
Puppet Camp NYC 2014: Safely storing secrets and credentials in Git for use b...
Puppet
 
PDF
ProjectTox: Free as in freedom Skype replacement
Wei-Ning Huang
 
PDF
An EyeWitness View into your Network
CTruncer
 
What Goes In Must Come Out: Egress-Assess and Data Exfiltration
CTruncer
 
Hacking - Breaking Into It
CTruncer
 
TSC Summit #4 - Howto get browser persitence and remote execution (JS)
Mikal Villa
 
MonkeySpider at Sicherheit 2008
Ali Ikinci
 
Puppet Camp Boston 2014: Securely Managing Secrets with FreeIPA and Puppet (I...
Puppet
 
Puppet Camp NYC 2014: Safely storing secrets and credentials in Git for use b...
Puppet
 
ProjectTox: Free as in freedom Skype replacement
Wei-Ning Huang
 
An EyeWitness View into your Network
CTruncer
 

What's hot (16)

PDF
Passive Intelligence Gathering and Analytics - It's All Just Metadata!
CTruncer
 
PPTX
Pen Testing, Red Teaming, and More
CTruncer
 
PDF
Git hooks For PHP Developers
Umut IŞIK
 
PDF
Bypassing Web Application Firewalls and other security filters
Netsparker
 
PPTX
Same-origin Policy (SOP)
Netsparker
 
PDF
Ever Present Persistence - Established Footholds Seen in the Wild
CTruncer
 
PDF
Web Exploitation
UTD Computer Security Group
 
PDF
The State of the Veil Framework
VeilFramework
 
PDF
CheckPlease: Payload-Agnostic Targeted Malware
Brandon Arvanaghi
 
PDF
Bo0oM - There's Nothing so Permanent as Temporary (PHDays IV, 2014)
Дмитрий Бумов
 
PDF
Rust
Diego Pacheco
 
PDF
The BlackBox Project: Safely store secrets in Git/Mercurial (originally for P...
Tom Limoncelli
 
PDF
Fuzzing - Part 2
UTD Computer Security Group
 
PDF
Make CSRF Again
Netsparker
 
PDF
Bringing Down the House - How One Python Script Ruled Over AntiVirus
CTruncer
 
PPTX
PHP: apresentando a linguagem, suas tecnologias e a comunidade
Igor Lopes
 
Passive Intelligence Gathering and Analytics - It's All Just Metadata!
CTruncer
 
Pen Testing, Red Teaming, and More
CTruncer
 
Git hooks For PHP Developers
Umut IŞIK
 
Bypassing Web Application Firewalls and other security filters
Netsparker
 
Same-origin Policy (SOP)
Netsparker
 
Ever Present Persistence - Established Footholds Seen in the Wild
CTruncer
 
Web Exploitation
UTD Computer Security Group
 
The State of the Veil Framework
VeilFramework
 
CheckPlease: Payload-Agnostic Targeted Malware
Brandon Arvanaghi
 
Bo0oM - There's Nothing so Permanent as Temporary (PHDays IV, 2014)
Дмитрий Бумов
 
Rust
Diego Pacheco
 
The BlackBox Project: Safely store secrets in Git/Mercurial (originally for P...
Tom Limoncelli
 
Fuzzing - Part 2
UTD Computer Security Group
 
Make CSRF Again
Netsparker
 
Bringing Down the House - How One Python Script Ruled Over AntiVirus
CTruncer
 
PHP: apresentando a linguagem, suas tecnologias e a comunidade
Igor Lopes
 
Ad

Viewers also liked (6)

PPSX
Bezpečnostní architektura Check Point (nejen) pro váš privátní cloud
MarketingArrowECS_CZ
 
PDF
Ritva Inkinen: Turvallinen lääkehoito -opas
THL
 
PPT
Ceramah Audit Prestasi
Jabatan Audit Negara
 
PPTX
ICT Auditing
ictderby
 
PPTX
Bukti Audit, Tujuan Audit, Program Audit
Dwi Wahyu
 
PPT
Network Security
MAJU
 
Bezpečnostní architektura Check Point (nejen) pro váš privátní cloud
MarketingArrowECS_CZ
 
Ritva Inkinen: Turvallinen lääkehoito -opas
THL
 
Ceramah Audit Prestasi
Jabatan Audit Negara
 
ICT Auditing
ictderby
 
Bukti Audit, Tujuan Audit, Program Audit
Dwi Wahyu
 
Network Security
MAJU
 
Ad

Similar to Introduction To ICT Security Audit OWASP Day Malaysia 2011 (20)

PDF
Invited Talk - Cyber Security and Open Source
hack33
 
KEY
Unity makes strength
Xavier Mertens
 
PPT
Bsides-Philly-2016-Finding-A-Companys-BreakPoint
Zack Meyers
 
PDF
Real life hacking101
Florent Batard
 
PDF
Penetration Testing is the Art of the Manipulation
JongWon Kim
 
PDF
20120329 Cybercrime threats on e-world
Luc Beirens
 
PPTX
Security_Awareness_Primer.pptx
Faith Shimba
 
PDF
Web security 101
Kristaps Kūlis
 
PDF
Websec
Kristaps Kūlis
 
PPTX
Cyber Security Awareness Program.pptx
Dinesh582831
 
PPTX
Cyber crime &_info_security
Er Mahendra Yadav
 
PDF
Ultimate pen test compromising a highly secure environment (nikhil)
ClubHack
 
PDF
Do You Write Secure Code? by Erez Metula
Alphageeks
 
PPTX
Why do women love chasing down bad guys?
SITA
 
PPT
The Top 10/20 Internet Security Vulnerabilities – A Primer
amiable_indian
 
PPTX
Hacker tooltalk: Social Engineering Toolkit (SET)
Chris Hammond-Thrasher
 
PDF
Getting users to care about security
Alison Gianotto
 
PPTX
Awareness Security 123.pptx
RajuSingh730938
 
PPTX
USG_Security_Awareness_Primer.pptx
sumita02
 
PPTX
USG_Security_Awareness_Primer (1).pptx
ssuser59e4b8
 
Invited Talk - Cyber Security and Open Source
hack33
 
Unity makes strength
Xavier Mertens
 
Bsides-Philly-2016-Finding-A-Companys-BreakPoint
Zack Meyers
 
Real life hacking101
Florent Batard
 
Penetration Testing is the Art of the Manipulation
JongWon Kim
 
20120329 Cybercrime threats on e-world
Luc Beirens
 
Security_Awareness_Primer.pptx
Faith Shimba
 
Web security 101
Kristaps Kūlis
 
Websec
Kristaps Kūlis
 
Cyber Security Awareness Program.pptx
Dinesh582831
 
Cyber crime &_info_security
Er Mahendra Yadav
 
Ultimate pen test compromising a highly secure environment (nikhil)
ClubHack
 
Do You Write Secure Code? by Erez Metula
Alphageeks
 
Why do women love chasing down bad guys?
SITA
 
The Top 10/20 Internet Security Vulnerabilities – A Primer
amiable_indian
 
Hacker tooltalk: Social Engineering Toolkit (SET)
Chris Hammond-Thrasher
 
Getting users to care about security
Alison Gianotto
 
Awareness Security 123.pptx
RajuSingh730938
 
USG_Security_Awareness_Primer.pptx
sumita02
 
USG_Security_Awareness_Primer (1).pptx
ssuser59e4b8
 

More from Linuxmalaysia Malaysia (20)

PDF
Big Data - Harisfazillah Jamel - Startup and Developer 4th Meetup 5th Novembe...
Linuxmalaysia Malaysia
 
PDF
Call For Speakers Malaysia Open Source Conference 2014 (MOSCMY 2014 - MOSCMY2...
Linuxmalaysia Malaysia
 
PDF
Malaysia Open Source Conference MOSCMY 2013 Itinerary And Streams MOSC2013 a...
Linuxmalaysia Malaysia
 
PDF
MOSC2013 MOSCMY Brochure Malaysia Open Source Conference 2013
Linuxmalaysia Malaysia
 
PDF
Brochure Malaysia Open Source Conference 2013 MOSCMY 2013 (MOSC2013) brochure
Linuxmalaysia Malaysia
 
PDF
Hala Tuju Kemahiran Keselamatan Komputer Dan Internet (ICT)
Linuxmalaysia Malaysia
 
PDF
FOSSDAY@IIUM 2012 Cloud Presentation By LinuxMalaysia
Linuxmalaysia Malaysia
 
PDF
Questionnaire For Establishment Of Board of Computing Professionals Malaysia ...
Linuxmalaysia Malaysia
 
PDF
Sponsorship Prospectus Malaysia Open Source Conference 2012 (MOSC2012)
Linuxmalaysia Malaysia
 
PDF
OSS Community Forum Regarding Proposed BCPM2011 SWOT Slide
Linuxmalaysia Malaysia
 
PDF
Building Smart Phone Web Apps MOSC2010 Bikesh iTrain
Linuxmalaysia Malaysia
 
PDF
OSDC.my Master Plan For Malaysia Open Source Community
Linuxmalaysia Malaysia
 
PDF
33853955 bikesh-beginning-smart-phone-web-development
Linuxmalaysia Malaysia
 
PDF
Open Source Tools for Creating Mashups with Government Datasets MOSC2010
Linuxmalaysia Malaysia
 
PDF
DNS solution trumps cloud computing competition
Linuxmalaysia Malaysia
 
PDF
Brochure MSC Malaysia Open Source Conference 2010 (MSC MOSC2010)
Linuxmalaysia Malaysia
 
PDF
Benchmarking On Web Server For Budget 2008 Day
Linuxmalaysia Malaysia
 
PDF
Sesuaikan Masa Sempena 2010
Linuxmalaysia Malaysia
 
ODT
OSS Community In Malaysia 2009 List
Linuxmalaysia Malaysia
 
PDF
List Of OSS Communities Malaysia 2009
Linuxmalaysia Malaysia
 
Big Data - Harisfazillah Jamel - Startup and Developer 4th Meetup 5th Novembe...
Linuxmalaysia Malaysia
 
Call For Speakers Malaysia Open Source Conference 2014 (MOSCMY 2014 - MOSCMY2...
Linuxmalaysia Malaysia
 
Malaysia Open Source Conference MOSCMY 2013 Itinerary And Streams MOSC2013 a...
Linuxmalaysia Malaysia
 
MOSC2013 MOSCMY Brochure Malaysia Open Source Conference 2013
Linuxmalaysia Malaysia
 
Brochure Malaysia Open Source Conference 2013 MOSCMY 2013 (MOSC2013) brochure
Linuxmalaysia Malaysia
 
Hala Tuju Kemahiran Keselamatan Komputer Dan Internet (ICT)
Linuxmalaysia Malaysia
 
FOSSDAY@IIUM 2012 Cloud Presentation By LinuxMalaysia
Linuxmalaysia Malaysia
 
Questionnaire For Establishment Of Board of Computing Professionals Malaysia ...
Linuxmalaysia Malaysia
 
Sponsorship Prospectus Malaysia Open Source Conference 2012 (MOSC2012)
Linuxmalaysia Malaysia
 
OSS Community Forum Regarding Proposed BCPM2011 SWOT Slide
Linuxmalaysia Malaysia
 
Building Smart Phone Web Apps MOSC2010 Bikesh iTrain
Linuxmalaysia Malaysia
 
OSDC.my Master Plan For Malaysia Open Source Community
Linuxmalaysia Malaysia
 
33853955 bikesh-beginning-smart-phone-web-development
Linuxmalaysia Malaysia
 
Open Source Tools for Creating Mashups with Government Datasets MOSC2010
Linuxmalaysia Malaysia
 
DNS solution trumps cloud computing competition
Linuxmalaysia Malaysia
 
Brochure MSC Malaysia Open Source Conference 2010 (MSC MOSC2010)
Linuxmalaysia Malaysia
 
Benchmarking On Web Server For Budget 2008 Day
Linuxmalaysia Malaysia
 
Sesuaikan Masa Sempena 2010
Linuxmalaysia Malaysia
 
OSS Community In Malaysia 2009 List
Linuxmalaysia Malaysia
 
List Of OSS Communities Malaysia 2009
Linuxmalaysia Malaysia
 

Introduction To ICT Security Audit OWASP Day Malaysia 2011

  • 1. Introduction IT Audit & Assessment 20 Sept 2011 OWASP Day Malaysia 2011 https://www.owasp.org/index.php/OWASP_Day_KL_2011
  • 2. Agenda ● Objective of The Day ● Identified The Risks ● Who should be involved ● Where To Starts ● What To Audit ● When To Audit ● How To Do It
  • 3. Objective • Harden Our Servers • In Depth Defense • Find the loophole • Find the zero day
  • 4. Risk Only one risk – Human To Err Is Human
  • 5. Its our job to find it. :-)
  • 6. Risks ● Not a latest Patches ● Forget my password ● Allow all, Deny None ● Install everything ● Share anything ● Phishing ● No backup
  • 7. Not The Latest Patches ● Be alert – http://www.mycert.org.my/en/ – http://www.securityfocus.com/ – http://packetstormsecurity.org/ – http://gcert.mampu.gov.my/ – http://www.cert.org/certcc.html Internet Storm Center – http://isc.sans.edu/ Patches Priority One – http://www.sans.org/top-cyber-security-risks/
  • 8. Lab One ● Subscribe websites to Google Reader ● http://www.kb.cert.org/vuls/
  • 9. Forget My Password ● We will use easy password ● Password must = Senang nak ingat, susah nak teka. ● Don't leak the hash ● Generate MD5 hash – http://md5crack.com/crackmd5.php ● Crack MD5 – http://isc.sans.edu/tools/reversehash.html
  • 10. Lab Two ● Crack this – password – abc123 – haris – Your own name – Birthday date in numbers – Birthday date in any format
  • 11. Allow All Deny None ● Any ports outbound open ● Not proxy between LAN and Internet ● Used by BOT to attack and comm with BOSS
  • 12. Lab Three ● Telnet – Telnet in CMD and Shell – Port 80 GET /index.htm HTTP/1.1 and enter twice – Port 25 helo and quit ● Visit this website – http://www.yougetsignal.com/tools/open-ports/ – http://canyouseeme.org/
  • 13. Install Everything ● To many patches ● To many services ● Only select what you want
  • 14. Share Everything ● Windows Share permission “every body” – Don't trust your network ● Putting files in web servers – Google BOT nyum-nyum
  • 15. Lab Four ● Google own name in PDF files – harisfazillah filetype:pdf ● You own IC numbers (with and without -) – Do this on your own
  • 16. Phishing ● The most used tactic to gain password – Email – Phone
  • 17. Lab Five ● Track your organisation here – http://www.phishtank.com/ ● You will never know, you are the target. ● Defacement Archive – http://www.zone-h.org/archive
  • 19. Who ? - The Management - ICT - Me Everybody need to be involved
  • 20. Lab Six ● CIS Security – The Benchmark – http://www.cisecurity.org/
  • 21. Where To Start ● Any servers that have IP address – Public or Internal – Heavy traffic websites and Email ● LAN – Review firewall and proxy log – SMTP activities – IRC bot activities – HTTP and HTTPS requests – Minitor network traffic
  • 22. Lab Seven ● Get the bootable CD ● tcpdump ● wireshark ● Any network analysis tools
  • 23. When To Do It ● A must every 6 months ● Any security warning
  • 24. Contact [email protected] http://green-osstools.blogspot.com/